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DETAILED ACTION 
Response to Amendment 

1. Applicant's amendment filed 05 October 2004 amends claims 1, 17, 18, and 20. The 
amendments to the claims have been fully considered and are entered. 

Response to Arguments 

2. Applicant's arguments, filed 05 October 2004, with respect to the rejection(s)of claim(s) 
1-20 have been fully considered and are persuasive. Therefore, the rejection has been 
withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view 
of Peyret, U.S. Patent No. 5,923,884, in view of Chen, U.S. Patent No. 6,360,364, and fiirther in 
view ofZumkehr, U.S. Patent No. 5,974,529. 

Claim Rejections - 35 USC §103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

4. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue, 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 
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5. Claims 1, 4, 6, 8, 12-15, 17, 18, 20 are rejected under 35 U.S.C 103(a) as being 
unpatentable over Peyret, U.S. Patent No. 5,923,884, in view of Chen, U.S. Patent No. 
6,360,364, and further in view of Zumkehr, U.S. Patent No. 5,974,529. Referring to claims 1, 4, 

6, 12-15, 17, Peyret discloses a method for loading applications onto a smart card wherein the 
system includes a smart card, terminal (client), and a server (Fig. 4). The smart card has a first 
interface system that may connect the smart card to the terminal and second interface to connect 
the terminal to the server (Fig. 4 & Col. 7, lines 33-39). When the smart card is connected to the 
terminal, the processor of the smart card, verifies the authenticity of the terminal and of the 
server and visa versa. If the server and the smart card authenticate each other, then the loader 
within the smart card begins the loading process (Col. 7, lines 42-67). Once an application is 
selected, which meets the limitation of loading a sequence of commands to download the 
application component to the chipcard, to be loaded the smart card authenticates the application 
code through the use of digital signatures (Col. 9, lines 50-53). Digital signatures utilize private 
or secret keys, which meet the limitation of delivery of a secret key or session key by the server, 
generation of a digital signature with the secret key or session key by way of each command 
within the command sequence, transmission of the signed command sequence as a data packet to 
the client. If the digital signature is valid then the application is loaded onto the smart card (Col 
9, lines 54-57), which meets the limitation of checking of the digital signature and execution of 
the commands if the digital signature is correct. Peyret does not disclose that the application is 
unpacked at the user terminal before being installed on the smart card. Chen discloses a method 
for installing an application wherein a desktop manager on the user terminal unpacks the 
application program before installing the program on the smart card (Col. 8, line 66 - Col. 9, line 
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22), which meets the limitation of unpacking of the data packet by the client and transmission of 
the individual commands in sequence to the smart card. It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to unpack the application program of 
Peyret on the user terminal before transferring the application to the smart card in order to 
minimize the decisions required of a user when installing an application as taught in Chen (Col. 
9, lines 24-26). Peyret does not disclose that each individual instruction of the application is 
digital signed. Zumkehr discloses a system for error detection wherein individual program 
instructions are digitally signed and later authenticated (Col. 2, lines 29-47). It would have been 
obvious to one of ordinary skill in the art at the time the invention was made for the application 
instructions of Peyret to be digitally signed in order to provide low . detection latency as taught in 
Zumkehr (Col. 2, lines 47-50). 

Referring to claim 8, Peyret discloses that the cryptosystem used can be a public key 
cryptosystem (asymmetrical) (Col. 5, lines 31-33). 

6. Claims 2, 7, 10, 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Peyret, U.S. Patent No. 5,923,884, in view of Chen, U.S. Patent No. 6,360,364, and further in 
view of Zumkehr, U.S. Patent No. 5,974,529 as applied to claims 1-3, 17 above, and further in 
view of Everett, U.S. Patent No. 6,575,372. Referring to claims 2, 7, 10, 19, Peyret discloses a 
method for loading applications onto a smart card wherein the system includes a smart card, 
terminal (client), and a server (Fig. 4). The smart card has a first interface system that may 
connect the smart card to the terminal and second interface to connect the terminal to the server 
(Fig. 4 & Col. 7, lines 33-39). When the smart card is connected to the terminal, the processor of 
the smart card, verifies the authenticity of the terminal and of the server and visa versa. If the 
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server and the smart card authenticate each other, then the loader within the smart card begins 
the loading process (Col. 7, lines 42-67). Once an application is selected, which meets the 
limitation of loading a sequence of commands to download the application component to the 
chipcard, to be loaded the smart card authenticates the application code through the use of digital 
signatures (Col. 9, lines 50-53). Digital signatures utilize private or secret keys, which meet the 
limitation of delivery of a secret key or session key by the server, generation of a digital 
signature with the secret key or session key by way of each command within the command 
sequence, transmission of the signed command sequence as a data packet to the client. If the 
digital signature is valid then the application is loaded onto the smart card (Col. 9, lines 54-57), 
which meets the limitation of checking of the digital signature and execution of the commands if 
the digital signature is correct. Chen discloses a method for installing an application wherein a 
desktop manager on the user terminal unpacks the application program before installing the 
program on the smart card (Col. 8, line 66 - Col. 9, line 22), which meets the limitation of 
unpacking of the data packet by the client and transmission of the individual commands in 
sequence to the smart card. Zumkehr discloses a system for error detection wherein individual 
program instructions are digitally signed and later authenticated (Col. 2, lines 29-47), Peyret does 
not disclose that the keys are generated based on card identification data. Everett discloses an IC 
card loading system wherein to generate cryptographic keys for each individual IC card, a 
certificate authority uses card identification information transmitted from the terminal in order to 
generate individual key sets for the IC cards (Col. 5, lines 42-67). It would have been obvious to 
one of ordinary skill in the art at the time the invention was made for the cryptographic keys of 
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Peyret to be generated based on the IC card identification data in order to easily identify and 
authenticate the cards at a later point in time as taught in Everett (Col. 8 3 lines 25-34). 
7. Claim 16 is rejected under 35 U.S.C. 103(a) as being unpatentable over Peyret, U.S. 
Patent No. 5,923,884, in view of Chen, U.S. Patent No. 6,360,364, and further in view of 
Zumkehr, U.S. Patent No. 5,974,529 as applied to claims 1, 13 above, and further in view of 
Hanel, GB 2,314,948. Referring to claim 16, Peyret discloses a method for loading applications 
onto a smart card wherein the system includes a smart card, terminal (client), and a server (Fig. 
4). The smart card has a first interface system that may connect the smart card to the terminal 
and second interface to connect the terminal to the server (Fig. 4 & Col. 7, lines 33-39). When 
the smart card is connected to the terminal, the processor of the smart card, verifies the 
authenticity of the terminal and of the server and visa versa. If the server and the smart card 
authenticate each other, then the loader within the smart card begins the loading process (Col. 7, 
lines 42-67). Once an application is selected, which meets the limitation of loading a sequence of 
commands to download the application component to the chipcard, to be loaded the smart card 
authenticates the application code through the use of digital signatures (Col. 9, lines 50-53). 
Digital signatures utilize private or secret keys, which meet the limitation of delivery of a secret 
key or session key by the server, generation of a digital signature with the secret key or session 
key by way of each command within the command sequence transmission of the signed 
command sequence as a data packet to the client. If the digital signature is valid then the 
application is loaded onto the smart card (Col. 9, lines 54-57), which meets the limitation of 
checking of the digital signature and execution of the commands if the digital signature is 
correct. Chen discloses a method for installing an application wherein a desktop manager on the 



Application/Control Number: 09/679,333 Page 7 

Art Unit: 2132 

user terminal unpacks the application program before installing the program on the smart card 
(Col. 8, line 66 - Col. 9, line 22), which meets the limitation of unpacking of the data packet by 
the client and transmission of the individual commands in sequence to the smart card. Zumkehr 
discloses a system for error detection wherein individual program instructions are digitally 
signed and later authenticated (Col. 2, lines 29-47). Peyret does not disclose using message 
authentication codes in the command codes. Hanel discloses a chipcard data transfer method 
wherein message authentication codes are appended to commands (Page 1). It would have been 
obvious to one of ordinary skill in the art at the time the invention was made for the commands 
of Peyret to include a MAC because it is a known procedure as disclosed in Hanel (Page 1). 
8. Claim 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over Peyret, U.S. Patent 
No. 5,923,884, in view of Chen, U.S. Patent No. 6,360,364, and further in view of Zumkehr, 
U.S. Patent No. 5,974,529 as applied to claim 1 above, and further in view of Klingman, U.S. 
Patent No. 5,729,594. Referring to claim 5, Peyret discloses a method for loading applications 
onto a smart card wherein the system includes a smart card, terminal (client), and a server (Fig. 
4). The smart card has a first interface system that may connect the smart card to the terminal 
and second interface to connect the terminal to the server (Fig. 4 & Col. 7, lines 33-39). When 
the smart card is connected to the terminal, the processor of the smart card, verifies the 
authenticity of the terminal and of the server and visa versa. If the server and the smart card 
authenticate each other, then the loader within the smart card begins the loading process (Col. 7, 
lines 42-67). Once an application is selected, which meets the limitation of loading a sequence of 
commands to download the application component to the chipcard, to be loaded the smart card 
authenticates the application code through the use of digital signatures (Col. 9, lines 50-53). 
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Digital signatures utilize private or secret keys, which meet the limitation of delivery of a secret 
key or session key by the server, generation of a digital signature with the secret key or session 
key by way of each command within the command sequence, transmission of the signed 
command sequence as a data packet to the client. If the digital signature is valid then the 
application is loaded onto the smart card (Col. 9, lines 54-57), which meets the limitation of 
checking of the digital signature and execution of the commands if the digital signature is 
correct. Chen discloses a method for installing an application wherein a desktop manager on the 
user terminal unpacks the application program before installing the program on the smart card 
(Col. 8, line 66 - Col. 9, line 22), which meets the limitation of unpacking of the data packet by 
the client and transmission of the individual commands in sequence to the smart card. Zumkehr 
discloses a system for error detection wherein individual program instructions are digitally 
signed and later authenticated (Col. 2, lines 29-47). Peyret does not disclose communication 
using SSL. Klingman discloses client server communications using SSL (Col. 3, lines 32-36). It 
would have been obvious to one of ordinary skill in the art at the time the invention was made to 
use SSL in the communications of Peyret in order to provide a secure communication line as 
taught in Klingman (Col. 3, lines 37-39). 

9. Claim 9 is rejected under 35 U.S.C. 103(a) as being unpatentable over Peyret, U.S. Patent 
No. 5,923,884, in view of Chen, U.S. Patent No. 6,360,364, and further in view of Zumkehr, 
U.S. Patent No. 5,974,529 as applied to claims 1, 8 above, and further in view of Schneier. 
Referring to claim 9, Peyret discloses a method for loading applications onto a smart card 
wherein the system includes a smart card, terminal (client), and a server (Fig. 4). The smart card 
has a first interface system that may connect the smart card to the terminal and second interface 
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to connect the terminal to the server (Fig. 4 & Col. 7, lines 33-39). When the smart card is 
connected to the terminal, the processor of the smart card, verifies the authenticity of the 
terminal and of the server and visa versa. If the server and the smart card authenticate each other, 
then the loader within the smart card begins the loading process (Col. 7, lines 42-67). Once an 
application is selected, which meets the limitation of loading a sequence of commands to 
download the application component to the chipcard, to be loaded the smart card authenticates 
the application code through the use of digital signatures (Col. 9, lines 50-53). Digital signatures 
utilize private or secret keys, which meet the limitation of delivery of a secret key or session key 
by the server, generation of a digital signature with the secret key or session key by way of each 
command within the command sequence, transmission of the signed command sequence as a 
data packet to the client. If the digital signature is valid then the application is loaded onto the 
smart card (Col. 9, lines 54-57), which meets the limitation of checking of the digital signature 
and execution of the commands if the digital signature is correct. Chen discloses a method for 
installing an application wherein a desktop manager on the user terminal unpacks the application 
program before installing the program on the smart card (Col. 8, line 66 - Col. 9, line 22), which 
meets the limitation of unpacking of the data packet by the client and transmission of the 
individual commands in sequence to the smart card. Zumkehr discloses a system for error 
detection wherein individual program instructions are digitally signed and later authenticated 
(Col. 2, lines 29-47). Peyret discloses the use of pubic key cryptography but does not disclose the 
use of RSA, Schneier discloses that RSA is a form of public key cryptography (Page 366). It 
would have been obvious to one of ordinary skill in the art at the time the invention was made to 
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use RSA as the public key cryptographic method in Peyret because RSA is the most popular 
form of public key cryptography as disclosed in Schneier (Page 366-367). 



10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin E Lanier whose telephone" number is 571-272-3805. 
The examiner can normally be reached on M-ThO 7:30am-5:00pm, F 7:30am-4pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Conclusion 





Benjamin E. Lanier 
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